# frozen_string_literal: true # server-server post '/inbox' do request.body.rewind # in case someone already read it @body = request.body.read halt 400 if @body.empty? begin @activity = JSON.parse @body rescue StandardError p @body halt 400 end type = @activity['type'].downcase.to_sym p type halt 501 unless respond_to?(type) # jj @activity @object = @activity['object'] @object = fetch(@object) if @object.is_a?(String) && @object.match(/^http/) halt 400 unless @object # verify! unless type == :accept # pixelfed sends unsigned accept activities send(type) end # public get '/.well-known/webfinger' do if request['resource'] == "acct:#{MENTION}" send_file('./public/webfinger', type: 'application/jrd+json') else halt 404 end end get '/outbox' do ordered_collection(OUTBOX_DIR).to_json end ['/following', '/followers'].each do |path| get path do ordered_collection(File.join(PUBLIC_DIR, path)).to_json end end get '/pdp8' do send_file('./public/pdp8') end get '/tags/:tag' do |tag| ordered_collection(File.join(TAGS, tag)).to_json end helpers do # https://github.com/mastodon/mastodon/blob/main/app/controllers/concerns/signature_verification.rb def verify! # digest sha256 = OpenSSL::Digest.new('SHA256') digest = "SHA-256=#{sha256.base64digest(@body)}" halt 403 unless digest == request.env['HTTP_DIGEST'] # signature signature_params = {} request.env['HTTP_SIGNATURE'].split(',').each do |pair| k, v = pair.split('=') signature_params[k] = v.gsub('"', '') end key_id = signature_params['keyId'] headers = signature_params['headers'] signature = Base64.decode64(signature_params['signature']) actor = fetch key_id halt 403 unless actor key = OpenSSL::PKey::RSA.new(actor['publicKey']['publicKeyPem']) comparison = headers.split(' ').map do |signed_params_name| if signed_params_name == '(request-target)' '(request-target): post /inbox' elsif signed_params_name == 'content-type' "#{signed_params_name}: #{request.env['CONTENT_TYPE']}" else "#{signed_params_name}: #{request.env["HTTP_#{signed_params_name.upcase}"]}" end end.join("\n") halt 403 unless key.verify(OpenSSL::Digest.new('SHA256'), signature, comparison) end def create return unless @object return if object_exists? File.open(object_file, 'w+') { |f| f.puts @object.to_json } return unless @object['inReplyTo'] @object = fetch @object['inReplyTo'] create if @object end def announce create end def follow File.open(File.join(FOLLOWERS, "#{mention(@activity['actor'])}.json"), 'w+') { |f| f.puts @body } outbox 'Accept', @activity, [@activity['actor']] end def accept return unless @object['type'] == 'Follow' File.open(File.join(FOLLOWING_DIR, "#{mention(@object['object'])}.json"), 'w+') { |f| f.puts @object.to_json } end def undo return unless @object['type'] == 'Follow' Dir[File.join(FOLLOWERS, '*.json')].each do |follower| FileUtils.rm follower if JSON.parse(File.read(follower))['actor'] == @object['actor'] end end def inbox Dir[File.join(INBOX_DIR, 'note', '*.json')].collect do |file| JSON.parse(File.read(file)) end.sort_by { |o| o['published'] } end def object_exists? !inbox.select { |o| o['id'] == @object['id'] }.empty? end def object_file dir = File.join 'inbox', @object['type'].downcase FileUtils.mkdir_p dir File.join dir, "#{Time.now.strftime('%Y-%m-%dT%H:%M:%S.%N')}.json" end def ordered_collection(dir) posts = Dir[File.join(dir, '*.json')].collect { |f| JSON.parse(File.read(f)) }.sort_by { |o| o['published'] } { '@context' => 'https://www.w3.org/ns/activitystreams', 'summary' => "#{USER} #{dir}", 'type' => 'OrderedCollection', 'totalItems' => posts.size, 'orderedItems' => posts } end end